OcpSandbox: cleanup Role Binding of cnv-images (#69)

Make sure the RB for the cnv-images namespace is cleaned up. Also don't fail if the role-binding already exists (That happens only while testing, not in production)
rhpds · Jun 11, 2024 · 90c7bfc · 90c7bfc
1 parent 3357ed5
commit 90c7bfc
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 12 deletions.
diff --git a/internal/models/ocp_sandbox.go b/internal/models/ocp_sandbox.go
@@ -938,13 +938,15 @@ func (a *OcpSandboxProvider) Request(serviceUuid string, cloud_selector map[stri
 
 			_, err = clientset.RbacV1().RoleBindings("cnv-images").Create(context.TODO(), rb, metav1.CreateOptions{})
 			if err != nil {
-				log.Logger.Error("Error creating rolebinding on cnv-images", "error", err)
+				if !strings.Contains(err.Error(), "already exists") {
+					log.Logger.Error("Error creating rolebinding on cnv-images", "error", err)
 
-				if err := clientset.CoreV1().Namespaces().Delete(context.TODO(), namespaceName, metav1.DeleteOptions{}); err != nil {
-					log.Logger.Error("Error cleaning up the namespace", "error", err)
+					if err := clientset.CoreV1().Namespaces().Delete(context.TODO(), namespaceName, metav1.DeleteOptions{}); err != nil {
+						log.Logger.Error("Error cleaning up the namespace", "error", err)
+					}
+					rnew.SetStatus("error")
+					return
 				}
-				rnew.SetStatus("error")
-				return
 			}
 		}
 
@@ -1299,6 +1301,16 @@ func (account *OcpSandboxWithCreds) Delete() error {
 		return err
 	}
 
+	rbName := "allow-clone-" + account.Namespace[:min(51, len(account.Namespace))]
+	// Delete the role binding from the cnv-images namespace
+	if _, err := clientset.RbacV1().RoleBindings("cnv-images").Get(context.TODO(), rbName, metav1.GetOptions{}); err == nil {
+		if err := clientset.RbacV1().RoleBindings("cnv-images").Delete(context.TODO(), rbName, metav1.DeleteOptions{}); err != nil {
+			log.Logger.Error("Error deleting rolebinding on cnv-images", "error", err)
+			account.SetStatus("error")
+			return err
+		}
+	}
+
 	_, err = account.Provider.DbPool.Exec(
 		context.Background(),
 		"DELETE FROM resources WHERE id = $1",

diff --git a/tools/placement_create.hurl b/tools/placement_create.hurl
@@ -21,15 +21,27 @@ Authorization: Bearer {{access_token}}
   "service_uuid": "{{uuid}}",
   "resources": [
     {
-      "kind": "AwsSandbox",
-      "count": 1,
-      "annotations": {
-        "purpose": "backend"
-      }
+      "kind": "OcpSandbox"
     }
   ],
   "annotations": {
-    "guid": "testg"
+    "guid": "testgc"
   }
 }
 HTTP 200
+
+
+#################################################################################
+# Wait until the placement is succesfull and resources are ready
+#################################################################################
+
+GET {{host}}/api/v1/placements/{{uuid}}
+Authorization: Bearer {{access_token}}
+[Options]
+retry: 40
+HTTP 200
+[Asserts]
+jsonpath "$.status" == "success"
+
+GET {{host}}/api/v1/placements/{{uuid}}
+Authorization: Bearer {{access_token}}
diff --git a/tools/placement_delete.hurl b/tools/placement_delete.hurl
@@ -18,4 +18,4 @@ jsonpath "$.access_token_exp" isString
 
 DELETE {{host}}/api/v1/placements/{{uuid}}
 Authorization: Bearer {{access_token}}
-HTTP 200
+HTTP 202